I have done some searching and can't find an answer so I guess I'll just ask, maybe someone can point me to a thread or give an answer:)
I have a number of forms that use the updated version of Matt's script for forms, it resides in my CGI BIN and is called FormMail.pl.
Lately I am getting pummeled with emails from a number of my forms and am scared that my forms might be getting used to send SPAM via BCC or some other hack.
Here is my plan:
I will create a hidden DIV with a standard name that by default is blank, if it gets filled in, I will know it was by a BOT and the form will be killed upon submit.
I know how to do the hidden DIV, what I don't know is what to put in the FormMail.pl to wipe out the form in this case....
Thanks in advance,
M
q2jbf8TY.pl
of course you need to update the forms action attribute as well.
the bots are looking for formmail.pl, just do that and see if it helps. If not, you need to do something a bit more drastic.
I know how to do the hidden DIV, what I don't know is what to put in the FormMail.pl to wipe out the form in this case....
assuming that the name you will be checking if filled in and assigned to $no_bots:
if ($no_bots) {
do something here
}
you could just exit the script at that point or print some data to a file to examine it later to see what the bot is filling in, get the IP address, stuff like that.
Yepper, thats the part I don't know how to do....
if (param('required_field') {
exit;
}
where "required_field" is the name of your hidden form field that should not be filled in.
